Update scopes using signInWithOAuth?

Is there an example or recommended pattern for handing scope changes for a user?

Currently users sign in via the google provider with base scopes. Then later within the app there is an option to connect google drive and google sheets. The connect google sheets button is using signInWithOAuth with the additional scopes required but after clicking through the authorization screens and approving the new scopes, checking the provider token still returns the original base scopes

scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid'
]

scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid'
]

when I expect it to return

scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid',
  'https://www.googleapis.com/auth/spreadsheets.readonly',
  'https://www.googleapis.com/auth/drive.readonly',
  'https://www.googleapis.com/auth/drive.metadata.readonly',
]

scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid',
  'https://www.googleapis.com/auth/spreadsheets.readonly',
  'https://www.googleapis.com/auth/drive.readonly',
  'https://www.googleapis.com/auth/drive.metadata.readonly',
]

Here is the initial Oauth:

await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?redirect_to=${pathname}`,
    queryParams: {
      access_type: 'offline',
      prompt: 'consent',
    },
  },
})

await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?redirect_to=${pathname}`,
    queryParams: {
      access_type: 'offline',
      prompt: 'consent',
    },
  },
})

And here is where I am trying to add the new scopes:

const requiredScopesString = REQUIRED_SCOPES.join(' ')
await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    scopes: requiredScopesString,
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?next=/${params.org_id}/data_sources/google_sheets/new`,
    queryParams: {
      prompt: 'consent',
      access_type: 'offline',
    },
  },
})

const requiredScopesString = REQUIRED_SCOPES.join(' ')
await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    scopes: requiredScopesString,
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?next=/${params.org_id}/data_sources/google_sheets/new`,
    queryParams: {
      prompt: 'consent',
      access_type: 'offline',
    },
  },
})

Update scopes using signInWithOAuth?

scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid'
]

scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid'
]

when I expect it to return

scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid',
  'https://www.googleapis.com/auth/spreadsheets.readonly',
  'https://www.googleapis.com/auth/drive.readonly',
  'https://www.googleapis.com/auth/drive.metadata.readonly',
]

scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid',
  'https://www.googleapis.com/auth/spreadsheets.readonly',
  'https://www.googleapis.com/auth/drive.readonly',
  'https://www.googleapis.com/auth/drive.metadata.readonly',
]

Here is the initial Oauth:

await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?redirect_to=${pathname}`,
    queryParams: {
      access_type: 'offline',
      prompt: 'consent',
    },
  },
})

await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?redirect_to=${pathname}`,
    queryParams: {
      access_type: 'offline',
      prompt: 'consent',
    },
  },
})

And here is where I am trying to add the new scopes:

const requiredScopesString = REQUIRED_SCOPES.join(' ')
await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    scopes: requiredScopesString,
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?next=/${params.org_id}/data_sources/google_sheets/new`,
    queryParams: {
      prompt: 'consent',
      access_type: 'offline',
    },
  },
})

const requiredScopesString = REQUIRED_SCOPES.join(' ')
await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    scopes: requiredScopesString,
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?next=/${params.org_id}/data_sources/google_sheets/new`,
    queryParams: {
      prompt: 'consent',
      access_type: 'offline',
    },
  },
})

Update scopes using signInWithOAuth?

Update scopes using signInWithOAuth?

Similar Threads

Similar Threads

Similar Threads